[Top] [All Lists]

slow email validation problems (was reject vs bounce)

2005-09-13 02:23:05

At 00:30 13/09/2005, Frank Ellermann wrote:

Given that the group seem to think that 'reject' is better than 'bounce', I have a question.

We have an email content validation system which can reject messages based on content (viruses,spam etc). On some PCs this can take over a minute to process certain messages.

I know RFC 2821 ( says that this SHOULD be OK, as the 'post DATA' timeout SHOULD be 10 minutes or so - but no one reads the RFCs, so we find many SMTP senders will time out at a minute or less at this point. This can cause messages to be retransmitted over and over again.

We're trying to decide what to do about this. The 'easiest' thing to do is to accept the message if it's going to take over 30 seconds to process, and generate a 'bounce' later if necessary - but I don't like that because of faked sender addresses.

I guess other people here have had the same sort of problems, so are there any better alternatives?

I'm thinking of generating '250-please wait' multiline response lines every 30 seconds or so whilst the message is being processed, with a final '250 OK' or '550 message rejected because of ...' line.

But, am I being over optimistic expecting SMTP senders to be able to handle multiline responses any place other than after an EHLO command? Also, what happens if the last line of a multiline response has a different response code to previous lines (eg "250-" followed by "550 ")?

Paul                            VPOP3 - Internet Email Server/Gateway